Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, April 9, 2009

Complete DHS Daily Report for April 9, 2009

Daily Report

Top Stories

 Reuters reports that Somali pirates seized a Danish-owned, U.S.-operated container ship on Wednesday with 21 American crew on board in the Indian Ocean 400 miles off Mogadishu. (See item 17)

17. April 8, Reuters – (International) Somali pirates seize U.S.-operated ship-maritime group. Somali pirates seized a Danish-owned, U.S.-operated container ship on April 8 with 21 American crew on board in the latest of a sharp rise in attacks off the Horn of Africa nation, a maritime group said. A spokesman from the Kenya-based East African Seafarers’ Assistance Program said the 17,000 ton vessel was hijacked in the Indian Ocean 400 miles off the Somali capital Mogadishu. He said all of the crew was believed to be safe, and that the vessel had been tentatively identified as the Maersk Alabama. Gunmen from Somalia seized a British-owned ship on April 6 after hijacking another three vessels on April 4 and 5. The pirates typically use speed boats launched from “mother ships,” which means they can sometimes evade foreign navies patrolling the busy shipping lanes and strike far out to sea. They take captured vessels to remote coastal village bases in Somalia, where they have usually treated their hostages well in anticipation of a sizeable ransom payment. Source:

 According to CNET News, the Pentagon spent more than $100 million in the past six months cleaning up after Internet attacks and network issues, military leaders said on Tuesday. (See item 31)

31. April 7, CNET News – (National) Pentagon spends over $100 million on cyberattack cleanup. The Pentagon spent more than $100 million in the past six months cleaning up after Internet attacks and network issues, military leaders said on Tuesday. “The important thing is that we recognize that we are under assault from the least sophisticated — what I would say the bored teenager — all the way up to the sophisticated nation-state, with some petty criminal elements sandwiched in between,” the head of U.S. Strategic Command told reporters at a cyberspace conference in Omaha, Nebraska. Neither he nor the deputy commander for network operations would say how much of the estimated $100 million was spent cleaning up from viruses compared with outside attacks and inadvertent security problems due to U.S. Department of Defense employees. However, they did say that spending money to shore up the networks to prevent attacks and breaches would be better than paying to clean up after an incident. Source:


Banking and Finance Sector

14. April 8, Bloomberg – (National) Congressional panel suggests firing managers, liquidating banks. A congressional panel overseeing the U.S. financial rescue suggested that getting rid of top executives and liquidating problem banks may be a better way to solve the economic crisis. The Congressional Oversight Panel, in a report released on April 7, also said the Treasury may be relying on too rosy an economic scenario to guide its $700 billion bailout, and declared that the success of the program after six months is “mixed.” Three of the group’s members disagreed with at least some of the findings. “All successful efforts to address bank crises have involved the combination of moving aside failed management and getting control of the process of valuing bank balance sheets,” the panel, headed by a Harvard Law School professor, said in its report. The Treasury Secretary has revamped the Troubled Asset Relief Program to focus on injecting capital into banks and removing up to $1 trillion in illiquid securities from their balance sheets via public-private investment partnerships. The government is also working to unfreeze credit markets through a Federal Reserve program that provides loans to investors in some asset-backed securities. The professor, in an interview on Bloomberg Television, said on April 7 that while “things may be getting a little better” under the Treasury Secretary, the Treasury still needs to be more transparent about how it is spending the taxpayers’ money. Source:

15. April 7, Los Angeles Times – (National) Obama Administration warns of mortgage relief scams. Scams targeting struggling homeowners seeking to stave off foreclosure have skyrocketed, federal officials said on April 6, disclosing that they are investigating more than 2,100 companies and have filed legal actions against an Irvine firm and three others. The Attorney General announced the campaign with the Treasury Secretary and other federal officials. The Attorney General said the FBI’s “rescue scam” caseload was up 400 percent from five years ago. The point of the joint effort was to warn homeowners to keep an eye out for potential trouble and to signal to scam artists that “we are united in rooting out foreclosure fraud,” said the secretary of the Department of Housing and Urban Development. The Federal Trade Commission chairman said that his agency had targeted firms such as Federal Loan Modification Law Center in Irvine that allegedly sought through their names and advertising to suggest they were connected to the government. In many cases, federal officials said, mortgage scams have masqueraded as affiliates of a $75-billion program the U.S. President announced in February to help as many as 9 million homeowners avoid foreclosure — except that, unlike the real federal program, they try to collect fees from homeowners in advance. The agency also sent out warning letters to 71 additional companies that appeared to be marketing deceptive loan modification or foreclosure relief plans, said the Federal Trade Commission chairman. Source:,0,4424356.story

16. April 7, KFSM 5 Fayetteville – (Arizona) Bomb scare in Springdale. The bomb squad had to be called to a Springdale bank on April 7 after a suspicious package was found outside the building. The package was discovered at the Bank of America on Sunset Avenue around 7:45 a.m. Employees found the FED-EX box leaning against the front door and called police. “Initial officers arrived and determined that there was something suspicious about the package,” said a sergeant of the Springdale Police Department. “It was later x-rayed by members of the Springdale bomb squad and determined there was a suspicious type of explosive device inside the box.” Inside the box were two pipes and a cell phone attached to some wires, all tools used to make a pipe bomb. Police set up a perimeter around the bank, blocking all traffic on Sunset Avenue. A robot was sent in todetonate the bomb. During the first detonation windows at the Bank of America were blown out. The robot then dragged the remains of the box around to the side of the building where bomb squad members could further investigate. Two more detonations followed. It was determined that there were no explosive devices inside the box, but the police are still taking it very seriously. “It appears the intent was to make it look like an explosive device,” said the sergeant. The Springdale Police are working with the FBI in the investigation. They say those responsible will face criminal and federal charges. Source:,0,1574519.story

Information Technology

35. April 8, Wall Street Journal – (National) Electricity grid in U.S. penetrated by spies. Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. The spies came from China, Russia, and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders have not sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war. “The Chinese have attempted to map our infrastructure, such as the electrical grid,” said a senior intelligence official. “So have the Russians.” The espionage appeared pervasive across the United States and does not target a particular company or region, said a former Department of Homeland Security official. Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant, or financial networks via the Internet. Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. Officials said water, sewage, and other infrastructure systems also were at risk. Officials cautioned that the motivation of the cyberspies was not well understood, and they do not see an immediate danger. But protecting the electrical grid and other infrastructure is a key part of the Presidential Administration’s cybersecurity review, which is to be completed next week.Source: See also:

Communications Sector

36. April 7, IDG News Service – (Texas) FBI claims ISP stole millions from AT&T, Verizon. The Federal Bureau of Investigation (FBI) has raided a Dallas collocation facility, investigating a fraud in which telecommunication giants AT&T Inc. and Verizon Communications Inc. were allegedly duped into providing more than 120 million minutes of telephone service to criminals. Following a twisted trail of dummy corporations, post office box addresses, and bogus phone numbers, the FBI investigation centers on two Texas companies: Premier Voice and Lone Star Power. Individuals associated with the two companies submitted “false/fraudulent credit information and other false representations” to access the telephone services, which they allegedly resold to their own customers for one cent per minute over a nearly four-month period, according to an affidavit signed by an FBI agent. Four suspects are identified in a March 11 affidavit, which was made public April 7. “All four of these individuals had numerous criminal charges associated with them, including [charges of] various frauds, interfering with law enforcement officials, violent crimes, and illegal possession of weapons,” The FBI agent wrote. Citing an unidentified witness, the FBI agent said that one of the suspects was also involved in spamming and selling pirated software under the pseudonym CygonX. Source: